Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Consider sigv4a supported without crt check #3089

Merged
merged 4 commits into from
Aug 15, 2024
Merged

Consider sigv4a supported without crt check #3089

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
f9c6137
Consider sigv4a supported without crt check
alextwoods Aug 14, 2024
7696e3c
Add changelog
alextwoods Aug 14, 2024
63d6141
Allow legacy/undocumented sigv4_signer configuration to override reso…
alextwoods Aug 14, 2024
d91cbbc
add backticks
alextwoods Aug 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions gems/aws-sdk-core/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
Unreleased Changes
------------------

* Issue - Allow legacy/undocumented sigv4_signer configuration to override resolved signer.
jterapin marked this conversation as resolved.
Show resolved Hide resolved
* Issue - Consider sigv4a supported without crt check.

3.201.4 (2024-08-08)
------------------

Expand Down
2 changes: 1 addition & 1 deletion gems/aws-sdk-core/aws-sdk-core.gemspec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ Gem::Specification.new do |spec|

spec.add_dependency('jmespath', '~> 1', '>= 1.6.1') # necessary for secure jmespath JSON parsing
spec.add_dependency('aws-partitions', '~> 1', '>= 1.651.0') # necessary for new endpoint resolution
spec.add_dependency('aws-sigv4', '~> 1.8') # necessary for s3 express auth
spec.add_dependency('aws-sigv4', '~> 1.9') # necessary for s3 express auth/native sigv4a support
spec.add_dependency('aws-eventstream', '~> 1', '>= 1.3.0') # necessary for binary eventstream

spec.metadata = {
Expand Down
5 changes: 2 additions & 3 deletions gems/aws-sdk-core/lib/aws-sdk-core/plugins/sign.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,7 @@ class Sign < Seahorse::Client::Plugin
option(:sigv4_region)
option(:unsigned_operations, default: [])

supported_auth_types = %w[sigv4 bearer sigv4-s3express none]
supported_auth_types += ['sigv4a'] if Aws::Sigv4::Signer.use_crt?
supported_auth_types = %w[sigv4 bearer sigv4-s3express sigv4a none]
SUPPORTED_AUTH_TYPES = supported_auth_types.freeze

def add_handlers(handlers, cfg)
Expand Down Expand Up @@ -107,7 +106,7 @@ def initialize(auth_scheme, config, sigv4_overrides = {})
auth_scheme['signingRegion']
end
begin
@signer = Aws::Sigv4::Signer.new(
@signer = config.sigv4_signer || Aws::Sigv4::Signer.new(
service: config.sigv4_name || auth_scheme['signingName'],
region: sigv4_overrides[:region] || config.sigv4_region || region,
credentials_provider: sigv4_overrides[:credentials] || config.credentials,
Expand Down
Loading